Ukraine, cyber gang dismantled

Police operation in several countries: hundreds of millions of damages and 250 servers blocked

A coordinated police operation between seven European countries and the United States, together with Europol and Eurojust, has dismantled and captured members of a Ukrainian cyber gang that organized ransomware scams against organizations, especially large corporations, in 71 countries around the world , causing hundreds of millions of dollars in damage. Europol underlines in a press release that the operation was “unprecedented”, also due to the close collaboration with the Ukrainian national police, and “did not stop or slow down” with the ongoing war in Ukraine.

On Tuesday last week, 30 properties were searched in the Kiev, Cherkasy, Rivne and Vinnytsia regions. And the leader of the gang, a 32-year-old, and four of his closest accomplices were arrested.

The seized data was sent in real time to the virtual command center set up at Europol headquarters in the Netherlands, which operated in parallel to the Ukrainian station, where more than 20 investigators from Norway, France, Germany and the United States worked.

The first arrests were made in 2021, when seizures were also made in Ukraine. Since then, the seized devices have been analyzed by Europol and Norway.

The French authorities, together with Norway, Great Britain and Ukraine, had started the investigation by creating a joint group two years earlier. In parallel, the Netherlands, Germany, Switzerland and the United States also investigated.

There were two groups within the gang. Experts in compromising the IT networks of their targets with different techniques and others in laundering the ransoms paid by the affected organizations into cryptocurrencies. They managed to block 250 servers of large companies, which lost hundreds of millions of euros.